Remote File Access Vulnerability in IBM Engineering Requirements Management DOORS
CVE-2024-41770

7.5HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
3 March 2025

Summary

A vulnerability in IBM Engineering Requirements Management DOORS Next versions 7.0.2, 7.0.3, and 7.1 allows remote attackers to access and download temporary files. This exploitation can lead to the exposure of sensitive application logic and other confidential data, posing significant risks to the security of the affected systems.

Affected Version(s)

Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, 7.1

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.